Forum Discussion
Elias_O_16228
Aug 27, 2012Nimbostratus
SSL Server Offload - Serverside cipher
We are running LTM 10.2.3 with server ssl offload. Some of our clients browsers are running TLS1.2 and our server does not support TLS1.2. I wanted to customize serverside SSL to not use TLS1.2, to decrypt and recrypt with TLS1.1 on server end.
Not sure if this would work.
Regards
- hoolioCirrostratusHi Elias,
- Elias_O_16228Nimbostratus
Aaron,
Regards
Elias
- Elias_O_16228NimbostratusI was thinking of doing something like this: !TLS1.2:ALL:@SPEED on the serverside profile, telling it to NOT USE TLS1.2 in its communication with Server.
- hoolioCirrostratusHi Elias,
- Elias_O_16228Nimbostratus"NATIVE:!TLS1_2:ALL:@SPEED" not accepted by the LTM (with space after Native and without space). [Note without quotes]
- hoolioCirrostratusSorry to hear that. It looks like there was a bug for this which was fixed in 10.2.4 and 11.2:
- Elias_O_16228NimbostratusAaron, Thanks very much. You are awesome for Newbies like me.
- hoolioCirrostratusGood to hear. Let us know how your testing goes.
- Elias_O_16228NimbostratusWell, I just wanted to say that the upgrade went smoothly. it appears I am running into some minor issue that might be Bug. After upgrade to 10.2.4, I noticed that the software management >image list is showing "false" under product. This should show "Big IP". This also changed all existing images to "false" under Product. Though, when clicked on image detail, it shows "big IP" under product. I can understand if that only to the new code, but changing other images to "false" under product I could not understand. I have opened case with F5... will post out come when resolved.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects